New York State Department of Financial Services Releases Guidance on Vetting Key Personnel for State-Chartered Banking Organizations and Non-Depository InstitutionsJanuary 23, 2024
The New York State Department of Financial Services (the “Department”) has released final guidance (the “Guidance”) to Covered Institutions, as defined below, notifying them of the Department’s expectation that they develop, implement, and maintain a framework for the review and assessment of the character and fitness of their directors, senior officers, and managers. The Guidance was published on January 22, 2024 and is effective as of that date.
I. The Guidance
The Guidance is applicable to New York State-regulated banking organizations; branches, agencies, and representative offices of foreign banking organizations licensed by the Department; non-depository financial institutions licensed or chartered under the New York Banking Law, and institutions licensed under Part 200 of the Regulations of the Superintendent of Financial Services (together, “Covered Institutions”) and applies to each member of the board of directors, board of trustees and/or board of managers, as applicable, and each senior officer of a Covered Institution (“Designated Persons”).
The term “senior officer” refers to every officer who participates or has authority to participate (other than in the capacity of a director) in major policy-making functions of a Covered Institution. An individual who satisfies these criteria will be considered a senior officer, regardless of whether they have an official title or whether the individual is serving without salary or other compensation.
Developing, Implementing, and Maintaining Policies and Procedures
Covered Institutions are expected to develop, implement, and maintain policies and procedures requiring vetting of the character and fitness of each Designated Person both at onboarding and on a regular periodic basis thereafter. The resources and standards for investigations of Designated Persons should be reviewed on an ongoing basis to ensure that they remain applicable and up to date. These policies and procedures should include a robust framework for ongoing vetting to confirm that there have been no intervening circumstances that would make the continuation of an individual as a Designated Person of the Covered Institution inappropriate or improper.
Note that these expectations extend to various corporate or organizational transactions (including reorganizations or restructurings)—such as a merger or acquisition, a change of control, or a purchase and assumption agreement—whereby an individual who served as a Designated Person at one Covered Institution may join the acquiring, purchasing, or surviving Covered Institution as a Designated Person. In particular, the continuing or surviving Covered Institution is expected to be responsible for a full and complete vetting of all its Designated Persons, both at the time an individual becomes a Designated Person and on a regular basis thereafter.
Sensitive Issues and Warning Signs
As part of the process of developing a framework for the assessment of a Designated Person’s character and fitness, each Covered Institution is expected to define sensitive issues, warning signs, and other indicators that, if identified during the vetting process, warrant additional scrutiny before the individual is permitted to commence service as a Designated Person or permitted to remain in their position.
Risk-Based and Proportionate Approach
Covered Institutions are expected to take a risk-based and proportionate approach to implementing the Guidance, such that the nature and depth of assessments, and the frequency of ongoing assessments, are tailored and appropriate in light of the complexity and risk profile of the institution. Appended to the Guidance is a list of suggested questions that a Covered Institution may adapt for use in the onboarding and ongoing assessments of its Designated Persons’ character and fitness. Any request for information from a Designated Persons should be made in compliance with all applicable laws.
A Covered Institution is expected to review materials generated in connection with onboarding and/or ongoing character and fitness assessments of Designated Persons and is expected to report such findings to its board of directors or the equivalent function, as well as the chief compliance officer or equivalent function. Additionally, each Covered Institution is expected to require its Designated Persons to amend and update relevant information that was obtained during the most recent character and fitness vetting period in response to a change in circumstances or if a Designated Person later determines that previously submitted information was materially incorrect or that the relevant facts have materially changed. If, as a result of a materially adverse finding during an ongoing assessment of a Designated Person, a Covered Institution determines to remove a Designated Person from that person’s current position, to transfer such Designated Person to another position or group, or to make modifications to the current functions of such Designated Person, the Covered Institution is expected to notify the Department of such determination promptly.
The Guidance advises Covered Institutions of the Department’s expectation that each institution have in place a framework for vetting Designated Persons, consistent with the risk profile of the institution’s operations. Covered Institutions that currently maintain a vetting framework for Designated Persons should confirm that their existing framework is consistent with the expectations outlined in the Guidance. Department examiners will review a Covered Institution’s policies and procedures regarding vetting Designated Persons. In particular, as part of the regular safety and soundness examination process, examiners will review to confirm that a Covered Institution maintains a vetting policy consistent with the expectations outlined in the Guidance and that the Covered Institution is operating in compliance with those policies and procedures.
This advisory is a general overview of the Guidance and is not intended as legal advice. If you have any questions about the Guidance, please feel free to contact Joseph D. Simon at (516) 357-3710 or via email at firstname.lastname@example.org, Kevin Patterson at (516) 296-9196 or via email at email@example.com, Elizabeth A. Murphy at (516) 296-9154, or via email at firstname.lastname@example.org, or Gabriela Morales at (516) 357-3850 or via email at email@example.com.
 Banking organization means “all banks, trust companies, private bankers, savings banks, safe deposit companies, savings and loan associations, credit unions and investment companies.” New York Banking Law § 2.11.
 Part 200 regulates virtual currency businesses. 23 NYCRR Part 200.